TESTIMONIALS

I was impressed initially with the overall sales staff and the promptness of the managers.
I am happy to call ZoHa Islands the home for my store and would recommend it to any of my friends and family looking for land.
~Katara Adored, USA

From the customer service agents to the owner, ZoHa Islands has never failed to keep me feeling like a valued customer and this has made a loyal customer out of me.Thank you to ZoHa Islands and it's many staff and associates, for all of the excellent customer service you provide and your outstanding skill for making your customers truly feel number one.
~RiderDavis Resident, USA

Category Archives: HINTS & TIPS

Over the past two decades, password rules have become more complicated and burdensome upon users. Users have coped with arbitrary, byzantine password rules by creating the most easily remembered passwords that comply with the rules, changing them when required in minor, predictable ways, and reusing compliant passwords on multiple online accounts. The results include lots of frustration and LESS security. Here’s how to do it right…

Everything You Know About Passwords is Wrong

A typical site now requires you to create a password at least 8 characters long that includes at least three or four types of characters: upper-case, lower-case, numeral, and special characters such as !, @, #, etc. In most cases, the resulting password is exactly 8 characters long, begins with an upper-case character, and ends with an exclamation point or the numeral “1.” Often it’s a recognizable name associated with the user, such as a child’s or pet’s name. If a password needs to be changed, it’s often only the last character that’s changed, and in a predictable fashion, i. e., “1” becomes “2,” “!” becomes “@,” etc.

Hackers know these official rules, and the de facto rules that users have created to comply with the least effort. They have hundred of billions of stolen passwords from which to figure out the rules, and they incorporate the rules in password-cracking software to make it more efficient. They also have massive computing power that can try billions of possible passwords per hour. The upshot is that most passwords actually in use can be cracked in a matter of hours.

One solution to human predictability is password-generating software that produces longer, more random passwords, and password-management software that remembers what site a password goes with. These functions may be combined in one software package, such as Roboform, Dashlane or LastPass.

But many sites deliberately thwart the use of password managers, either by forcing users to enter usernames and passwords on two separate screens or by adding code that blocks auto-filling of passwords. Apparently, the admins of such sites think a password encrypted and stored on a hard drive is as insecure as one written on a Post-It Note.

Another solution to remembering strong passwords is mnemonic – a sentence that’s easily remembered because it makes grammatical sense, and which contains the characters of a password that can be extracted by applying a simple rule. For instance, a password might be the first letters of the sentence, “My horse knows how to use 2 pink staple guns.” In fact, that whole sentence would make a virtually impenetrable password, if the official rules allowed spaces.

This geeky cartoon from XKCD.com illustrates the difference between passwords as they are and as they could be, if sysadmins allowed it. Following the official rules results in a password that’s easily cracked in 3 days, while the phrase, “correct horse battery staple” takes 550 years, far longer than any hacker cares to spend.

What About Those Password Strength Meters?

Research has found that users will create stronger passwords if they receive feedback about password strength as they create a password. But so-called “strength meters” often measure only compliance with rules instead of statistical strength, according to researchers at Carnegie-Mellon University. The CMU geeks have created a strength meter that uses a powerful neural network to calculate the true strength of a hypothetical password on the spot, and even explains what’s wrong with your password creation strategy. The rules they recommend are:

At least 12 characters per password

Capitalized and special characters in the middle of the password, not at ends

No names associated with pets or sports teams

No song lyrics

Avoid the word “love” in any language

Avoid patterns such as “123,” including keyboard patterns (“qwertyasdfg”)

I advise using a password generator/manager wherever possible. They’re getting better at circumventing the security-limiting roadblocks that some website owners think are important. If you prefer not to use password software, a memorable phrase is the next best thing. In the past, I’ve used the first sentence from the first paragraph of a certain page in an old book. For example, on page 67 of “The Autobiography of Benjamin Franklin,” I found the phrase “There are Croakers in every country.” It’s memorable, and it makes for a strong password. Or as mentioned above, you can apply a formula of your choosing to such a phrase.

What’s your password strategy? Do you use a password manager, a sticky note, or keep it in your head?

So today upon doing my daily email check I noticed a new one from Second Life, it looks like some exciting changes are in the works for this new along with added support from our friends at Linden Lab.

Dear Second Life Residents,

It’s been an exciting summer at Linden Lab. Second Life celebrated its 14th anniversary, and shortly thereafter we also opened Sansar’s creator beta to the world. In addition, we are thrilled to announce a set of investments into Second Life and its communities that will include enhancements to our engineering support, customer support, billing systems and upgrades, and customer acquisition outreach. In all, we’ve budgeted many millions (USD, not L$…) in the coming year to make SL even better, and we’ll keep everyone up to date on improvements as they roll out (or sooner).

This summer’s milestones have given us all another opportunity to reflect on just how strong the Second Life community is, what an incredible history SL has had so far, and what an amazing future lies ahead for the virtual world and its Residents.

For more than 14 years, you’ve created memorable experiences, diverse communities, close relationships, thriving economies, engaging art, exciting events, and amazing creations of all kinds. You’ve made the world, and we’re proud to provide the platform and tools that help you to do so. We at Linden continue to be impressed by what we witness from Residents every day, and we want you to know that we share that commitment to and love for Second Life.
Here are a few of the things you can look forward to soon:

• We are hard at work upgrading all of the SL infrastructure and moving it to the cloud, which will bring a wealth of opportunities to Residents near and far, and allow us, among many other things, to make SL more performant for Residents across the world from us. It may also allow us to introduce new products with more flexible pricing.
• We’re working on several features to increase the value of Premium subscriptions. Most recently we gave Premium members priority access to near-full events, and shortly, we’ll be ready to unveil another bit of exciting news for subscribers.
• We’re building out a series of great extensions to Windlight (code name: EEP!), which will give value, flexibility, and new marketability to land, and will make Windlight settings tradeable assets.
• We have an extension to the animation system in the works (code name: Animesh) that will allow non-avatar objects to use more powerful and efficient skeletal animations the way avatars can today, and even more changes planned for creators and merchants later in the year.
• We’ve also got new experiences and events coming. An exciting new grid-wide gaming experience is coming soon! The team can’t wait to share the details with you in just a few days. Also in the works for this fall is an updated Halloween Haunted Tour, with new spooktacular events to celebrate. Not to mention, we’re turning 15 next year – SL15B, baby! That’s an incredible milestone and we are looking forward to collaborating with you to produce an amazing celebration.

Long live Second Life and long live the creative process in the amazing worlds that you’ve trail-blazed! Thank you for filling SL with your creations and communities all of these past 14+ years, and here’s to many, many more together.

Second Life as we know seems to be hard to hack, But is becoming more evident it’s an open source for hacks and Malware as much as just surfing the Interwebs. Our advice is, NEVER EVER click on links sent to you In World! Sure your friends could send you a seemingly harmless link they found and just have to have you see it, and BAM! you are now paying a ransom to get your computer back.! So folk’s just DON’T!

While everyone was preoccupied with the Wannacry ransomware epidemic that began in mid-May, a bigger threat was secretly spreading through tens of thousands of computers. It locks up files and demands a ransom, too, but that’s just a smoke screen designed to distract victims from what this sneaky malware is really up to. Here’s what you need to know about DoublePulsar…

What is DoublePulsar?

There are lots of movies that deal with the theme of “lab experiment gone wrong.” In Jurassic Park, for example, the dinosaurs created by well-meaning scientists escape from the lab and wreak havoc on the outside world. A similar thing has recently happened, but in the digital world this time.

The U.S. government’s premier spy agency created a program called DoublePulsar that enables undetectable infiltration of a target computer. Then someone stole DoublePulsar and a bunch of other NSA spying tools. A hacker group known as the Shadow Brokers posted the NSA tools online, and they were immediately exploited.

Before encrypting an infected computer’s data, this malware scans documents, email, browser histories, and other targets looking for login credentials. With credentials, hackers can infiltrate an entire enterprise network and work all sorts of mischief. Data can be stolen; operations disrupted; and computers turned into slaves to hackers’ other projects.

NSA DoublePulsar hacking tool

For consumers on home networks, being enslaved as part of a botnet is the most serious danger. Some bots are being used to launch spam campaigns. Others are being exploited to “mine” cryptocurrency like Bitcoin, creating wealth for hackers from the computing resources of others.

The galling thing about this malware is that it uses a sophisticated hacking tool developed by the National Security Agency (NSA). DoublePulsar allows malware to enter target systems undetected by 99% of commercial security software. The malware can be injected into the kernel, the heart of an operating system, where the malware will have the highest system privileges.

Conscientious consumers can protect themselves. Microsoft has issued two sets of Windows patches designed to ward off the stolen NSA hacking tools. But the NSA has not been forthcoming about all of the Windows vulnerabilities it has discovered, prompting Microsoft president Brad Smith to blast the NSA and other government agencies that don’t share knowledge that could improve everyone’s security.

Undetectable malware is on the rise. In mid-June, 2017, a new technique called “fileless malware” was used to infect the point-of-sale systems of several hundred restaurants. This type of malware is never written to a disk; it is injected into RAM and does its dirty work there. Most anti-malware software scans for “signatures” in executable files, and overlooks fileless malware.

In the past, only governments had sophisticated hacking tools like these. But now, Shadow Brokers is offering subscription access to NSA tools, and a user interface called Metasploit that makes child’s play of plotting and executing a global ransomware or credential-stealing attack. Anyone with a few hundred bucks can wreak global havoc.

The biggest fear among security experts is that DoublePulsar and other NSA tools have been used to compromise the computers that run critical infrastructure such as power grids, hospitals, railroad systems, traffic lights, and so on. Lives could be at risk.

The best that consumers can do is keep their systems up to date with security patches. I mentioned earlier that Microsoft has issued Windows patches designed to ward off the stolen NSA hacking tools. Those patches were released back in March. So it was failure to apply security patches in a timely manner that allowed WannaCry and DoublePulsar to attack and spread widely.

If you’re not already configured for automatic Windows updates, you really should be. Here’s how to do it:

In Windows 7, click the Start button and enter “windows update” in the search box. Open Windows Update from the search results list. In the left sidebar, select “change settings.” Under “Important updates,” select “Install automatically” from the drop-down menu. Pick a convenient time for Windows to install updates and restart your PC, if necessary. The default is 3:00 a.m.

Windows 10 installs updates automatically by default. To fine-tune Win 10 updates, enter “windows update settings” in the search box on the taskbar, and click on that phrase in the search results. Next, click the Advanced link, and check the box next to “Use my sign-in…”. This allows Windows 10 to complete the installation of updates that require a restart. When this option is checked, Win 10 will log you out, restart and install updates, then log you back in.

If you use Microsoft products such as Office, check the box that enables updating of those as well as Windows. The rest of the options should be left as they are unless you have a compelling reason to change them.

I’d like to Thank Bob Rankin for Sharing his expertise in computer security and how to stay safe.

To celebrate, Linden Lab has put together a special (and somewhat mysterious) gift set.

We’re not entirely sure what a Sananok is, but the Moles assure us they are friendly creatures that tend to keep to themselves and need a good home. Each Sananok avatar comes with a mysterious egg, which is in fact so mysterious, not even the Moles know what it will hatch into.

Sananok Avatar

A wearable avatar that includes a shape and an alpha layer.

Mysterious Egg (Rezzable or wearable)

Things you can do with the egg:

Rez it out your parcel, make it feel at home.

Add it to your avatar to carry it around with you (perhaps for a night on the town?).

Have a tea party with it, it’s all good.

Keep an eye on your Egg as it will, from time to time, tell you things (like when it’s getting ready to hatch!).

8 Things You Should Know About Support Tickets

No one wants to have to deal with issues in Second Life, but we all face them. It is the nature of the game. All kinds of things pop up here and there and luckily, with ZoHa Islands, you have Support on your side to help with these things. By following the list below, you will find you can get your issues taken care of very quickly, and move on to the real reason for being in SL… to have fun!

1. YOU MUST OWN ZOHA LAND.

This might sound a little obvious, but you would be surprised at the number of people that submit tickets each day, that are no longer ZoHa residents. They have moved to another estate that does not provide support, so they come to us asking for help. Sorry, we only have time for our residents. Best of Luck to you.

2. DOUBLE CHECK YOUR USER NAME.

Use your USER NAME. Again, you would be amazed at the number of tickets we get that either use a display name or have a typo in the user name. There is no way to search for display names especially when special characters are involved. While we are good at quite typonese in writings, we simply have no way of finding you if you don’t spell your user name right. By the way – These same people, generally speaking, are the ones who jump in group chat and complain about not receiving a response to their ticket. We don’t have a database of “possible variations” of your name. Please take a moment to double check your name, so we can find you.

3. EXPLAIN THE ISSUE IN DETAIL.

If all you have in your ticket is “I need help.” or “I have questions” then your ticket falls to the bottom of the list – we need details to better assist and investigate prior to contact. When we get over-loaded with tickets we take the highest priority first. You are going to have to type out an explanation/question sooner or later. By explaining in the ticket, you only have to do it once and we can be ready with answers when we contact you.

4. YOU ARE NOT THE ONLY TICKET.

ZoHa Islands has approximately 4500 residents at any given time. Please, please, please do not assume you are the only one that is having a problem. We have several tickets running at all times. Long-term residents that remember the old way of getting support simply did not know how many times people sent an IM directly to an Estate Manager and never asked in group for help. The group chat has ALWAYS reflected a mere small percentage of the support issues we address each day.

5. GRIEFER:

If you have a griefer, you do not need a ticket. Simply say so in group. “I have a griefer on White Marsh” we will come running. Starting off with “hello” or “can I speak to someone?” will not get you the attention you need quickly. Tell us what you need!

6. LAND SALES DO NOT REQUIRE A TICKET.

We have Sales Agents on duty 24/7 with that being their responsibility. Just say in group that you want to get new land. Whether it be additional land, or upgrade/downgrade.. just say so in group. “I need a Sales Agent” or “I want to buy new land” anything like that you are comfortable saying.

7. NO RESPONSE!!

If you do not get a response to your ticket by the time you log off, please be careful of your incoming IMs the next time you log on. Many times people are not online when we respond. Usually, it is due to them crashing about the time we respond. Please do not assume you were ignored. If it has been several HOURS, you may want to resubmit your ticket. See #2 and #3 above!

8. ADD SUPPORT TO YOUR ORB:

Support ZoHaIslands is the user name of the support avatar. Adding Support to your orb is not mandatory, but it is helpful to quickly address issues.

Please remember, we are coming to help YOU. We want for you to have an enjoyable SL experience. We are on your side.

The Second Life Wiki has a plethora of information for SL Residents — from answering frequently asked questions, to how to manage private regions, to improving viewer performance.

For those of you using the SL viewer, I thought I would share some good information that can be found in the Wiki regarding how to get the most out of your SL experience by a few tweaks of the viewer. The full article can be found by clicking here: How To Improve Viewer Performance.

Linden Lab suggests always maintaining your computer to run at it’s optimal performance. This can be achieved by following these simple steps:

Follow the recommendations here to improve overall performance of Second Life and to address many common lag problems.

Another Important Maintenance Tip: CLEAN THE DUST FROM YOUR PC TOWER OR LAPTOP REGULARLY!

THE BASICS
• Make sure your computer meets the minimum system requirements. (Click here: SL’s Minimum System Requirements). It’s best to exceed them to prevent bottlenecks, since they are the bare minimum required to run Second Life. A slower processor, older video card, or low memory can contribute to slow framerates.

• Make sure you have working drivers for your video card. Search the SL Forum for posts on your video card. The latest driver is not always the best.

Important: Second Life allows but does not support wireless connections. Always use a hardwired connection if possible.

OPTIMIZE YOUR DISPLAY PREFERENCES
Optimize your preferences to help Second Life run more efficiently. Try the following:
• Choose Me > Preferences
• Click on the Graphics tab.
• Move the Quality and speed slider to Low.
• Click the Advanced button
• Move the settings on the Mesh detail sliders to “Mid” or “Low.”

In general to improve performance set the Draw Distance to 128m. Depending on the region you are in the SL environment may be overloading the render process. This is the number one cause of poor performance on high-end gaming rigs in SL.

Set the Avatar Complexity Information to 350k or lower. This setting will render 90+% of all SL avatars and engage the video crasher protection. Avatars over the maximum avatar complexity will appear in various colors “Jelly dolls” resembling giant gummy avatars, (NO this is not a joke)

Set your Max Bandwidth to 80% of your download speed or 1500, whichever is less. The tells the server how much ‘update’ data to throw at you. This controls ONLY the UDP protocol, which has no error correction. Lost packers are lost damaging performance.

Set avatar impostors at 12 or 14. This setting stops the viewer from fully rendering avatars further away from your avatar. It reduces the render load with little if any visible change in your scene.

If you are on a laptop, make sure your system is using the video chip. The chip pulls power and a laptop in power saving mode will turn off the chip and render everything by CPU.

Check the Speed for your CPU – SL Viewer performance is very sensitive to processor speed. Core speed is more important than the number of cores. CPU and memory speed can kill viewer performance.

Autoplaying your music and media can be very demanding on some PC equipment. Use manual play instead:
• Choose Me > Preferences > Sound & Media
• Deselect Allow Media to auto-play.

Also to improve performance by gettngn rid of visual noise:
• Choose World > Show
• Disable Property Lines and Land Owners.

TROUBLESHOOTING TIPS
If you followed the advice above and are still experiencing performance problems, try the following.
• Exit and restart Second Life. This often is enough to fix the problem.
• Clear the cache. The cache is where the Second Life Viewer stores data on your hard drive for later retrieval.
To clear the cache:
1) Choose Me > Preferences.
2) Click the Advanced tab.
3) Click Clear Cache.
4) After you’re prompted, restart the Viewer.

Check the Lag Meter:
• Choose Advanced > Performance Tools > Lag Meter. The lag meter breaks lag down into Client, Network, and Server lag, with corresponding indicators for each lag type.
• Click >> to reveal descriptions and advice for solving any lag problems you are having.
• Try teleporting to a quieter area or one with fewer objects, to see if the situation improves.
• Disable antialising.

Check your Ping Sim and Packet Loss values:
• Choose Advanced > Performance Tools > Statistics Bar to open the STATISTICS window.
The ping values are the time (in milliseconds) it takes to reach the server from your computer. If this number is high, it could indicate a problem with your network or internet connection. If Packet Loss is a nonzero number, your network or ISP may be having issues. See Using the statistics bar for more information.

• Check to see if there is anything blocking your computer’s ventilation ports, and make sure all the fans are working properly. Laptops in particular can get quite hot when placed on a flat surface, so you may want to try propping yours on a stand to increase airflow, or consider buying a cooling device like a “chill mat or a laptop cooling mat”.

• Finally, if you’ve overclocked or made other modifications to your computer, disable them until you can attain stability. You can use tools like Prime95 to stress-test your computer independently of Second Life.

USING THE STATISTICS BAR

The statistics bar presents a detailed list of information about the performance of your computer and Second Life. While the sheer amount of information can be confusing, knowing what to look for can tell you a lot about what’s going on in Second Life. Below we will go over the most important aspects.

Basic (This is YOUR computer info not the simulator)

Displays basic information about your Second Life performance. Click on the word Basic to hide or display this panel.

FPS: The number of times per second your computer is redrawing(or refreshing) what’s on the screen. Higher numbers are better. A framerate between 15-30 frames per second (FPS) is about as smooth as broadcast television.

Bandwidth: How much data is being transferred between your computer and the Second Life world. This number varies wildly depending on what bandwidth settings you’ve used, where you are inworld, what’s going on, and whether you’re still loading some things (objects/textures/etc) that are in your field of view. If bandwidth is 0kbps, something may be wrong (you may be partially disconnected).

Packet Loss: The amount of data being lost as it travels between your computer and the server. Any nonzero packet loss is bad; packetloss above 10% is very bad. Packet loss might be caused by a dying server (in which case everyone in the region would be experiencing it), a bad connection between you and Second Life (possibly a bad router between your ISP and Second Life, or congestion at your ISP), or problems on your local network (wireless networking, or internet security or firewall software on your computer).

Ping Sim: How long it takes data to go from your computer to the region you’re currently in. This is largely dependent on your connection to the Internet. If Ping Sim is high but Ping User is not, the server might be having problems.

Simulator (This is the info for the simulator you are on!)

Displays statistics for the region (simulator) you’re currently in. Click on the word Simulator to hide or display this panel.

NOTE: an “agent” is either a user in a given region (a “main agent”) or a user in a neighboring region (a “child agent”). Any user who can see objects inside a simulator region increases the load on that simulator. The nominal values below are for simulators running on a single simulator per CPU. On other simulators (such as water simulators), these number will be different.

Time Dilation – The physics simulation rate relative to realtime. 1.0 means that the simulator is running at full speed; 0.5 means that physics are running at half-speed.

Sim FPS – The simulator frame rate. This should now always be the same as the physics frame rate — 45.0 when things are running well.

Physics FPS – The frame rate at which the physics engine is running. This should normally be at or near 45.0.

Agent Updates/Sec – The rate at which agents on this simulator are being updated. Normally 20 updates a second, this will decrease if the simulator has a large number of agents on it.

Main Agents – The number of agents (users) who are on this simulator.

Child Agents – The number of agents who are not on this simulator, but can see it.

Objects – The total number of primitives on the simulator. This value does not include primitives being worn as attachments.

Active Objects – The number of objects containing active scripts on the simulator. This value does not include scripts inside attachments, unless the attachment wearer is sitting on a scripted object.

Active Scripts – The number of running scripts that are currently on the simulator, including scripts attached to agents and objects.

Script Perf – Number of LSL opcodes being executed a second by the simulator. Note that this is the number of ACTUAL instructions executed in the last second, not the theoretical maximum opcodes/second. If your simulator is not running very many scripts, this number will be low even if performance is good.

Packets In – UDP packets being received by the simulator.

Packets Out – UDP packets being sent by the simulator.

Pending Downloads – Number of asset downloads to the simulator that are pending. If this is greater than 1, this means that you may see delays in viewing notecards or scripts, and rezzing objects.

Pending Uploads – Number of current uploads of asset data pending. If this number is non-zero, this means that there may be performance issues when attempting to teleport.

Total Unacked Bytes – The size of the reliable packet data sitting on the server waiting to be acknowledged. A large number may indicate a thin pipe or other possible problems between the viewer and the sim.

Time

The following are the different times listed in the Time section of the Statistics bar. Click Time to hide or display this panel.

Total Frame Time – The sum of all time values listed below it, this measures how much time it takes the simulator to run everything that the simulator is trying to do each frame.

< 22 ms – The simulator is healthy, everything is running as fast as it can, and more scripts can be added without reducing the performance of individual scripts.

approx. 22 ms – The simulator is healthy, but there are probably a lot of scripts and agents on the simulator, meaning that script execution is being slowed down in order to maintain the simulator frame rate.

> 22 ms – The simulator is experiencing severe load, either due to physics or a large number of agents, such that even by slowing down script execution it is impossible to compensate. The simulator frame rate has been reduced as a result.

Net Time – The amount of time spent responding to incoming network data.

Sim Time (Physics) – The amount of time that frame spent running physics simulations. In general, this should be less than 5 milliseconds.

Sim Time (Other) – The amount of time that frame spent running other simulations (agent movement, weather simulation, etc.)

Agent Time – The amount of time spent updating and transmitting object data to the agents.

Images Time – The amount of time spent updating and transmitting image data to the agents.

Script Time – The amount of time spent running scripts.

Please keep in mind that some of these tweaks may improve performance (i.e. reduce crashing, reduce lag, etc.) but they also may affect the visual look of Second Life. By lowering graphics settings, turning off antialiasing, etc. it will affect the quality. You will trade performance for sharp visual quality. Play with the settings until you can get a balance of performance and visual appeal.

FIRESTORM VIEWER USERS: I strongly recommend joining the in-world Firestorm Users Group. There, you can get instant online help from FS staff as well as users. Also they frequently hold in-world classes on the viewer. I highly recommend these classes. They are extremely helpful.